Reproducible, plausibly dangerous, and not mentioned in the "install" section of the man page.
Sure, if one knows that canonical-published snaps can trigger installation of 3rd-party-published snaps despite specifically disabling the system-wide "APT::Install-Recommends" setting, one can act accordingly.
But how would users even learn that snap, when solely instructed to install a non-privileged browser, also decides to enable a privileged network daemon? One that certainly has a high risk of exposing additional RCE bugs, the threat level of which in the snap scenario is however not obvious from documentation like https://ubuntu.com/security/cves?q=&package=cups
dupe LP: #1996803 /bugzilla. mozilla. org/show_ bug.cgi? id=1792006
Related: https:/
Reproducible, plausibly dangerous, and not mentioned in the "install" section of the man page.
Sure, if one knows that canonical-published snaps can trigger installation of 3rd-party-published snaps despite specifically disabling the system-wide "APT::Install- Recommends" setting, one can act accordingly.
But how would users even learn that snap, when solely instructed to install a non-privileged browser, also decides to enable a privileged network daemon? One that certainly has a high risk of exposing additional RCE bugs, the threat level of which in the snap scenario is however not obvious from documentation like https:/ /ubuntu. com/security/ cves?q= &package= cups